The House of Representatives has passed The Cyber Information and Security Protection Act, sponsored by Rep. Mike Rogers (R-MI) and introduced not long after SOPA and PIPA were abandoned in the wake of a popular uprising of opposition. Its fate in the Senate is uncertain, but it’s clear the federal government is determined to find a way to further reduce any semblance of privacy and protection of your electronic information… for your own good, of course.

I am all for fighting off cyber-attacks and terrorism, but when Ron Paul, Barack Obama and the ACLU are all aligned against a bill, we have to ask ourselves whether we are moving in the right direction.

This all may be much ado about nothing if, as promised, President Obama vetoes CISPA (assuming it gets through the Senate), but if the bill should find itself on the President’s desk, and he should change his mind for any reason, (it is an election year after all – wouldn’t want to look soft on cyber-threats) it will be too late to kill it at that point.

So let’s look at what the bill does, and try to determine whether we should be concerned.

http://vabizlawyers.com Richmond • Christiansburg• Fredericksburg • Research Triangle • Mclean Copyright Sands Anderson PC THE INFORMATION CONTAINED IN OUR WEB SITE DESCRIBES LEGAL MATTERS HANDLED IN THE PAST BY OUR ATTORNEYS. OF COURSE, THE RESULTS WE HAVE ACHIEVED DEPEND UPON A VARIETY OF FACTORS UNIQUE TO EACH MATTER. BECAUSE EACH MATTER IS DIFFERENT, OUR PAST RESULTS CANNOT PREDICT OR GUARANTEE A SIMILAR RESULT IN THE FUTURE. Virginia Business Lawyers CISPA – Evil Spawn of SOPA and PIPA? By: Thomas L. Bowden, Sr. on Thursday, May 3rd, 2012 The House of Representatives has passed The Cyber Information and Security Protection Act, sponsored by Rep. Mike Rogers (R-MI) and introduced not long after SOPA and PIPA were abandoned in the wake of a popular uprising of opposition. Its fate in the Senate is uncertain, but it’s clear the federal government is determined to find a way to further reduce any semblance of privacy and protection of your electronic information… for your own good, of course. I am all for fighting off cyber-attacks and terrorism, but when Ron Paul, Barack Obama and the ACLU are all aligned against a bill, we have to ask ourselves whether we are moving in the right direction. This all may be much ado about nothing if, as promised, President Obama vetoes CISPA (assuming it gets through the Senate), but if the bill should find itself on the President’s desk, and he should change his mind for any reason, (it is an election year after all – wouldn’t want to look soft on cyber-threats) it will be too late to kill it at that point. So let’s look at what the bill does, and try to determine whether we should be concerned. CISPA is drafted to allow the government to share information about “cyber threats” with commercial companies. So far so good – but do we need an act for that? Wouldn’t you expect your government to warn you if you were about to be attacked? You don’t have to be a Pearl Harbor or 9/11 conspiracy theorist to wonder why this would require special legislation. One possible reason is that some of the information that might be shared, might have been obtained through technical means that the government would otherwise rather not be made public – or even hinted at. In other words, they would tell you but … you know how it goes. The flip side is that companies who have confidential information that might suggest the possibility of a cyber threat would now be allowed and “encouraged” to share that information with the government. Again, at first glance, you again might ask – what’s the big deal – shouldn’t Bank of America tell the http://vabizlawyers.com Richmond • Christiansburg• Fredericksburg • Research Triangle • Mclean Copyright Sands Anderson PC THE INFORMATION CONTAINED IN OUR WEB SITE DESCRIBES LEGAL MATTERS HANDLED IN THE PAST BY OUR ATTORNEYS. OF COURSE, THE RESULTS WE HAVE ACHIEVED DEPEND UPON A VARIETY OF FACTORS UNIQUE TO EACH MATTER. BECAUSE EACH MATTER IS DIFFERENT, OUR PAST RESULTS CANNOT PREDICT OR GUARANTEE A SIMILAR RESULT IN THE FUTURE. FBI if, for example, they detect a sophisticated threat? Certainly they should – but they should do so without violating laws already on the books to protect the privacy of your information. CISPA, however, would grant corporations legal immunity for sharing information if it fits within the definition of a cyber threat scenario as defined by CISPA. OK – now we get it. Under CISPA, Corporations and Government, in the name of protecting us all from cyber attack, could, with immunity, violate our privacy wholesale by sharing all kinds of data that we have come to think of as legally protected. Do you really think, for example, that a major corporation will take the time to carefully anonymize terabytes of information if, instead, it can just claim immunity under CISPA and turn it over to the government in bulk? I can hear the senate hearings now: Committee Chairman: “Mrs. Smith, when your bank released all of its private customer transactional data to the government in response to the threat of a foreign government sponsored hacking campaign, what precautions did you take to preserve the privacy of your account holders?” Witness Smith: “Well Senator, under the circumstances, which seemed pretty serious, we thought the better approach was to simply turn it all over and cooperate as much as possible.” Chair: “Weren’t you concerned that your customers or even perhaps another government entity might sue or prosecute you for such a wholesale violation of privacy laws?” Smith: “Uhhh – actually, no, not really, because, er, um, I mean, well, our attorneys advised us that we had immunity under CISPA, so we thought it best to just release the information.” Chair: “But of course, the threat turned out to be non-existent, isn’t that correct?” Smith: “Yes Senator, but at the time it seemed quite real.” Chair: “And has the government then deleted all of that information, since it no longer seems relevant to national security or any threat to our commercial systems?” Smith: “Well, Senator, I would have no way of knowing that.” Chair: “Thank you, Mrs. Smith.” That’s what worries me. Does it worry you, too?

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

All the intelligence you need, in one easy email:

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.